Skip to content

2FA Code Generation

Generate valid 2FA codes via API. Test MFA flows in CI without disabling 2FA or hardcoding secrets.

python
# Register the TOTP secret from your app's 2FA setup
client.totp.register(label="staging-admin", secret=totp_secret)

# Generate a valid code whenever you need one
code = client.totp.generate("staging-admin")
page.fill("#otp-input", code.code)  # "483291"

TOTP code generated. 2FA bypass complete.

Automated 2FA testing

Register your app's TOTP secret once. Generate valid codes on demand in your test suite — no shared authenticator apps, no hardcoded secrets in CI.

Get started

Encrypted at rest

TOTP secrets are encrypted using application-level encryption before storage. API keys are hashed and cannot be retrieved after creation.

vs disabling 2FA in test environments

Most teams either disable MFA in staging or hardcode bypass secrets. Both create security gaps between test and production.

Generate real 2FA codes on demand via API. Test the actual MFA flow your users see.